Apple Planning Fix for OS X SSL Bug as New Research Reveals iMessage, Other Apps AffectedApple has confirmed that it will issue a software update "very soon" to patch the
security flaw found in OS X that allows attackers to capture or modify data protected by the SSL/TLS protocols in Safari, reports
Reuters. The vulnerability of OS X to the bug was detailed by security firm
CrowdStrike and a
Google engineer last Friday, and came right after Apple released
iOS 7.0.6 to fix the SSL-related issues on iOS.
However, the security flaw, which has been termed "GoToFail" by security specialists due to the improperly used "goto" command that triggers it, may be affecting more than just Safari. Independent privacy researcher Ashkan Soltani has pointed out on his
Twitter (via
Forbes) that Apple's vulnerable SSL library is also used by apps including FaceTime, iMessage, Twitter, Calendar, Keynote, Mail, iBooks, Software Update, and more.
<center> A list of apps deemed vulnerable to the SSL bug found in OS X and iOS by security researcher Ashkan Soltani </center>
Soltani does point out that apps such as iMessage and FaceTime have addded security measures that weaken the effects of the security flaw, but also added that the initial iCloud login used to authenticate such apps may also be compromised. The researcher states that other parts of the protocol such as the handshake between a service and a device are vulnerable to an attack as well, and will need to be secured by Apple.
Currently, users can check whether or not their computers are affected by the vulnerability by visiting
gotofail.com in Safari. As users wait for a fix to the flaw, CrowdStrike recommends avoiding untrusted and unsecured WiFi networks while traveling. The site also recommends that users update to iOS 7.0.6 if they have not yet installed it on their iOS devices.
Recent Mac and iOS Blog Stories •
iOS 8 Concept Video Features Unified Interface for Control Center and Multitasking •
Microsoft to Cut Windows Licensing Price by 70% to Compete with Apple •
Fitbit Issues Recall for Fitbit Force Over Skin Irritation Reports •
Apple Planning New Retail Store in Lansing, Michigan •
Adobe Releases Another Emergency Update for Flash •
Apple Expanding North Carolina Data Center Once Again •
Camera+ Updated With Photo Editing Improvements, Widescreen Shooting Mode •
LaCie's External Drive Lineup Gains New 5TB Drives From Seagate<img width='1' height='1' src='
http://rss.feedsportal.com/c/35070/f/648327/s/3772f89f/sc/5/mf.gif' border='0'/><br clear='all'/><div class='mf-viral'><table border='0'><tr><td valign='middle'><a href="
http://share.feedsportal.com/share/twitter/?u=http%3A%2F%2Fwww.macrumors.com%2F2014%2F02%2F23%2Fapple-fixing-ssl-bug-other-apps-affected%2F&t=Apple+Planning+Fix+for+OS+X+SSL+Bug+as+New+Research+Reveals+iMessage%2C+Other+Apps+Affected" target="_blank"><img src="
http://res3.feedsportal.com/social/twitter.png" border="0" />[/url] <a href="
http://share.feedsportal.com/share/facebook/?u=http%3A%2F%2Fwww.macrumors.com%2F2014%2F02%2F23%2Fapple-fixing-ssl-bug-other-apps-affected%2F&t=Apple+Planning+Fix+for+OS+X+SSL+Bug+as+New+Research+Reveals+iMessage%2C+Other+Apps+Affected" target="_blank"><img src="
http://res3.feedsportal.com/social/facebook.png" border="0" />[/url] <a href="
http://share.feedsportal.com/share/linkedin/?u=http%3A%2F%2Fwww.macrumors.com%2F2014%2F02%2F23%2Fapple-fixing-ssl-bug-other-apps-affected%2F&t=Apple+Planning+Fix+for+OS+X+SSL+Bug+as+New+Research+Reveals+iMessage%2C+Other+Apps+Affected" target="_blank"><img src="
http://res3.feedsportal.com/social/linkedin.png" border="0" />[/url] <a href="
http://share.feedsportal.com/share/gplus/?u=http%3A%2F%2Fwww.macrumors.com%2F2014%2F02%2F23%2Fapple-fixing-ssl-bug-other-apps-affected%2F&t=Apple+Planning+Fix+for+OS+X+SSL+Bug+as+New+Research+Reveals+iMessage%2C+Other+Apps+Affected" target="_blank"><img src="
http://res3.feedsportal.com/social/googleplus.png" border="0" />[/url] <a href="
http://share.feedsportal.com/share/email/?u=http%3A%2F%2Fwww.macrumors.com%2F2014%2F02%2F23%2Fapple-fixing-ssl-bug-other-apps-affected%2F&t=Apple+Planning+Fix+for+OS+X+SSL+Bug+as+New+Research+Reveals+iMessage%2C+Other+Apps+Affected" target="_blank"><img src="
http://res3.feedsportal.com/social/email.png" border="0" />[/url]</td><td valign='middle'></td></tr></table></div>
<img src="[url]http://da.feedsportal.com/r/186531001117/u/49/f/648327/c/35070/s/3772f89f/sc/5/rc/1/rc.img" border="0"/>[/url]
<img src="[url]http://da.feedsportal.com/r/186531001117/u/49/f/648327/c/35070/s/3772f89f/sc/5/rc/2/rc.img" border="0"/>[/url]
<img src="[url]http://da.feedsportal.com/r/186531001117/u/49/f/648327/c/35070/s/3772f89f/sc/5/rc/3/rc.img" border="0"/>[/url]
<img src="[url]http://da.feedsportal.com/r/186531001117/u/49/f/648327/c/35070/s/3772f89f/a2.img" border="0"/>[/url]<img width="1" height="1" src="
http://pi.feedsportal.com/r/186531001117/u/49/f/648327/c/35070/s/3772f89f/a2t.img" border="0"/><div class="feedflare">
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img>[/url]
</div><img src="
http://feeds.feedburner.com/~r/MacRumors-Front/~4/DuydpCtPlvY" height="1" width="1"/>
Source:
Apple Planning Fix for OS X SSL Bug as New Research Reveals iMessage, Other Apps Affected
